It used to be as compliance lawyers we had to explain to companies and executives what the U.S. Foreign Corrupt Practices Act (“FCPA”) was and what it prohibited. Those days are mostly gone. It is a hot compliance topic and should already be on the radar of every company, regardless of size – whether a U.S. company or a foreign company that does business in the U.S. Now the conversation usually starts with what do we need to do and how much will it cost. These are both good questions that more and more companies have been asking in the past five years. What has changed is the urgency for smaller companies to start asking those questions and the need for a cost-effective solution.
A new survey by Deloitte shows smaller companies are almost four times more likely (23 percent) than larger companies (6 percent) to have no written policy addressing anti-corruption. Smaller companies are also almost three times as likely (37 percent) as larger companies (13 percent) to fail to conduct internal audits of each of their foreign operations to identify potential corrupt activity. The two most common explanations from these smaller companies for their lack of compliance is that they don’t need it because of their size and limited international operations or that they can’t afford it. Neither reason is justifiable anymore as the risks, costs and severity of prosecutions increase.
The first excuse, we don’t need it, and the first question, what do we need, go hand in hand and have evolved over the years as compliance enforcement has increased. The FCPA prohibits bribery of foreign officials by U.S. companies and their foreign representatives and requires such companies to maintain accurate books and records. It also extends to foreign companies that have a sufficient nexus with the U.S. The Act was passed in 1977 but was not seriously enforced until the last decade and did not become a serious compliance worry until after Sarbanes-Oxley starting requiring corporate boards to certify company financial reports. A company can face fines in the tens or hundreds of millions of dollars for FCPA violations. Company employees and agents can also be fined individually (with the company prohibited from paying the fine on behalf of the employee or agent, or reimbursing the employee or agent who pays the fine), and can be imprisoned for up to five years for violating the FCPA. Additionally, and of potentially dire consequence to a small company, a company can be banned from contracting with the U.S. government.
Why do smaller companies need FCPA compliance? Most executives will tell you they know their international operations and they don’t bribe anyone, so they should be fine. That, unfortunately, is not the case. The Act does not just prohibit bribes as the layman understands them. It prohibits payments of “anything of value” to foreign officials or other prohibited recipients with the corrupt intent to have such officials or recipients use their influence to assist that person obtain, retain, or direct business. The anti-bribery provisions explicitly prohibit not only payments made directly to a foreign official, but also to an intermediary while “knowing” that all or some of the payment will be passed on improperly to a foreign official. The FCPA defines “foreign official” broadly to include any officer or employee of a foreign government or a public international organization; the definition is generally understood to include officers and employees of a commercial enterprise owned by a foreign government as well as relatives of the officials. This broad definition of a “foreign official” is currently being challenged in the U.S. courts but the recent decisions suggest it will be read to be expansive. As such, companies need to vigilantly investigate their foreign agents, joint venture partners, business associates, and employees to make sure they do not fall within the definition unknowingly. Additionally, the Act has what is essentially strict liability for books and records violations, so a company that doesn’t have compliance policies in place for its bookkeeping could be walking a dangerous path.
Knowing your foreign operations and partners is just the first step in FCPA compliance. The second part is having in place the proper compliance program. This is a critical compliance measure because it will educate your employees in the U.S. law, search out possible violations, and alert you to increased risks. Equally importantly, should your company face prosecution for a violation by a foreign employee, it will allow the company to argue to the government prosecutors that the U.S. operations and executives did not have the requisite “knowledge” of the payment. The Act prohibits payments made to a third party while knowing that they will benefit a government official. The Act’s knowledge standard encompasses the concepts of “conscious disregard” and “willful blindness.” Thus, a company that ignores red flags or doesn’t have policies and procedures in place to prevent improper payments may be viewed as turning a blind eye. This can be an awful and costly surprise for a company.
The other reasons for a compliance program are the dramatic increase in criminal prosecutions, charges against individual executives, and fines. While we may never again see a prosecution like Siemens with fines and costs exceeding $1 billion, the average fine in an FCPA case is steadily increasing. In addition, most settlements with the government now require companies to install expensive and burdensome compliance programs with outside independent monitors. These forced compliance programs are almost always more expensive than the sensible policies a company can install without a government prosecutor overseeing and approving the program.
This brings us back to the difficult concern facing smaller companies and one of the reasons for the lag in FCPA compliance found in the Deloitte survey. Compliance programs can involve drafting policies, training employees in the U.S. and abroad, vetting foreign agents and subsidiaries, regular certifications, hotlines, and other measures that typically involve significant attorney time. This can be prohibitively expensive, especially in this tough economy, at the hourly rates charged by the big international law firms. It is important for smaller U.S. and foreign companies to consider compliance programs at a fixed rate or from small firms that provide sophisticated compliance at an accessible rate.
Bode & Grenier, LLP attorney Jacob Lebowitz has a trial and compliance practice with over ten years of compliance experience, at big and small firms, representing companies around the world. He is in frequent contact with the Department of Justice and Securities Exchange Commission attorneys investigating and prosecuting the Foreign Corrupt Practices Act and stays abreast of all the latest compliance developments. We offer compliance programs at a cost-effective hourly rate or we can work with you to provide a compliance package at competitive set flat fee. Contact us for more information.